/*
 * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.core.context;

import java.util.function.Supplier;

import org.springframework.util.Assert;

/**
 * A <code>ThreadLocal</code>-based implementation of
 * {@link SecurityContextHolderStrategy}.
 *
 * @author Ben Alex
 * @author Rob Winch
 * @see java.lang.ThreadLocal
 * @see org.springframework.security.core.context.web.SecurityContextPersistenceFilter
 */
final class ThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
    // 在Java中，ThreadLocal是一个线程局部变量，它提供了线程范围内的变量。每个线程都可以在ThreadLocal中存储自己的值，而这些值对于其他线程来说是不可见的。
	// 在一个HTTP请求处理的过程中，可能会使用ThreadLocal来存储一些线程相关的信息，以确保在同一个线程内共享这些信息
	// 需要注意的是，客户端发起code获取的请求和拿着code获取token的请求通常是两个不同的请求，它们在不同的线程上执行。
	// 在这种情况下，ThreadLocal不会被两个请求共享，因为每个请求都有自己独立的线程。
	private static final ThreadLocal<Supplier<SecurityContext>> contextHolder = new ThreadLocal<>();

	@Override
	public void clearContext() {
		contextHolder.remove();
	}

	@Override
	public SecurityContext getContext() {
		//此处会触发notNullDeferredContext对应的lambda表达式
		return getDeferredContext().get();
	}

	@Override
	public Supplier<SecurityContext> getDeferredContext() {
		//此处返回的为notNullDeferredContext 即再setDeferredContext封装的lambda表达式
		Supplier<SecurityContext> result = contextHolder.get();
		if (result == null) {
			SecurityContext context = createEmptyContext();
			result = () -> context;
			contextHolder.set(result);
		}
		return result;
	}

	@Override
	public void setContext(SecurityContext context) {
		Assert.notNull(context, "Only non-null SecurityContext instances are permitted");
		contextHolder.set(() -> context);
	}

	@Override
	public void setDeferredContext(Supplier<SecurityContext> deferredContext) {
		Assert.notNull(deferredContext, "Only non-null Supplier instances are permitted");
		// securityContextHolderFilter时此处的deferredContext即DelegatingDeferredSecurityContext对象,里面的两个属性封装了两个lambda
		// AnonymousAuthenticationFilter时会调用该方法重新设置，此时传递进来的deferredContext是一个lambda表达式，该表达式里面还封装了一个lambda
		// 表达式即securityContextHolderFilter时的notNullDeferredContext对应的表达式
		Supplier<SecurityContext> notNullDeferredContext = () -> {
			SecurityContext result = deferredContext.get();
			Assert.notNull(result, "A Supplier<SecurityContext> returned null and is not allowed.");
			return result;
		};
		//注意此处将封装的lambda表达式放入到了contextHolder中(此时lambda中还嵌套这lambda)
		contextHolder.set(notNullDeferredContext);
	}

	@Override
	public SecurityContext createEmptyContext() {
		return new SecurityContextImpl();
	}

}
